Commits · 7d91d9ea6b2281d847e6dcb05e6e3bbd88b60404 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Aug 30, 2017

Add some C64x assembly modules [by minor adjustments of C64x+ modules]. · 7d91d9ea

Andy Polyakov authored Nov 25, 2016



AES, SHA256 and SHA512 modules can actually replace corresponding
C64x+ modules. This is because C64x+ instructions don't actually
provide "killer-argument" advantage in these modules. As for SHA1,
even though its performance exactly same, C64x+ module is more
responsive to interrupts, i.e. doesn't inhibit them for as long
periods as C64x module.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4265)

(cherry picked from commit 5526e579)

7d91d9ea

Nov 14, 2016

Update to match latest CAVS · e1a9268d
Steve Marquess authored Nov 14, 2016
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
OpenSSL-fips-2_0_14

e1a9268d

FIPS MIPS assembly pack refresh. · 2e691f8f

Andy Polyakov authored Jun 24, 2016



Backport CVE-2014-3570 bug and postability fixes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 10fa6736)

2e691f8f

Jun 21, 2016
- PowerPC assembly pack: add POWER8 support. · 894c04aa
  Andy Polyakov authored Jun 21, 2016
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 4577871c)
```
  OpenSSL-fips-2_0_13
  
  894c04aa
Feb 15, 2016
- Add target for i686 cross compilation · 1278ce48
  Steve Marquess authored Feb 15, 2016
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  OpenSSL-fips-2_0_12
  
  1278ce48
Jul 04, 2015

Add new iOS subdirectory · a0f8d282

Steve Marquess authored Jul 04, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

OpenSSL-fips-2_0_11

a0f8d282

Add new VxWorks x86 platform · 0f38e9cd

Andy Polyakov authored Jul 04, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

0f38e9cd

May 13, 2015

util/incore update that allows FINGERPRINT_premain-free build. · 34f39b06

Andy Polyakov authored May 11, 2015

As for complementary fips.c modification. Goal is to ensure that
FIPS_signature does not end up in .bss segment, one guaranteed to
be zeroed upon program start-up. One would expect explicitly
initialized values to end up in .data segment, but it turned out
that values explicitly initialized with zeros can end up in .bss.
The modification does not affect program flow, because first byte
was the only one of significance [to FINGERPRINT_premain].

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

OpenSSL-fips-2_0_10

34f39b06

Add support for Android 5, both 32- and 64-bit cases. · 6db8e3bd

Andy Polyakov authored May 11, 2015



Special note about additional -pie flag in android-armv7. The initial
reason for adding it is that Android 5 refuses to execute non-PIE
binaries. But what about older systems and previously validated
platforms? It should be noted that flag is not used when compiling
object code, fipscanister.o in this context, only when linking
applications, *supplementary* fips_algvs used during validation
procedure.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

6db8e3bd

Additional vxWorks target. · 50e2a0ea
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
50e2a0ea
fipsalgtest.pl update. · 3f137e6f
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
3f137e6f
Configure: add ios-cross target with ARM assembly support. · 97fbb0c8
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
97fbb0c8

Add iOS-specific armv4cpud.S module. · 5837e90f

Andy Polyakov authored May 11, 2015

Normally it would be generated from a perlasm module, but doing so
would affect existing armv4cpuid.S, which in turn would formally void
previously validated platforms. Hense separate module is generated.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

5837e90f

Adapt ARM assembly pack for iOS. · 874faf2f

Andy Polyakov authored May 11, 2015

This is achieved by filtering perlasm output through arm-xlate.pl. But note
that it's done only if "flavour" argument is not 'void'. As 'void' is
default value for other ARM targets, permasm output is not actually
filtered on previously validated platforms.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

874faf2f

crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on iOS. · 0b45df73

Andy Polyakov authored May 11, 2015

While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. As result exceptions could
be observed in xts128.c and ccm128.c modules. Contemporary Linux kernels
handle such exceptions by performing requested operation and resuming
execution as is if it succeeded. While on iOS exception is fatal.
Correct solution is to let STRICT_ALIGNMENT be on all ARM platforms,
but doing so is in formal conflict with FIPS maintenance policy.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

0b45df73

Add iOS-specific fips_algvs application. · 2bd3976e
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
2bd3976e
Configure: engage ARMv8 assembly pack in ios64-cross target. · c6d10905
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
c6d10905
Engage ARMv8 assembly pack. · 083ed53d
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
083ed53d
Add ARMv8 assembly pack. · b84813ec
Andy Polyakov authored May 11, 2015
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
b84813ec

Oct 24, 2014

support for iOS 7.x/ARMv8 · 7447e65f

Dr. Stephen Henson authored Oct 24, 2014



Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Steve Marquess <marquess@openssl.org>

OpenSSL-fips-2_0_9

7447e65f

Update fipsalgtest.pl to cope with changes in file names and format · 60cd2b72

Dr. Stephen Henson authored Oct 24, 2014



X9.31 tests need to look in files for '9.31'
RSA-PSS tests may contain additonal text as well as "salt len: n".
We now just look at the start of a filename for a match.

Separate ECDSA2 test list.

Reorder test to handle new formats: for example PQGVer for DSA2 can be
detected based on file format but if this fails revert to PQGVER.

For future debugging add a --debug-detect option which prints out more
details of the test detection including the first few lines of each
request file.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Steve Marquess <marquess@openssl.org>

60cd2b72

Jul 11, 2014
- Remove Dual EC DRBG again... · 7fb7844f
  Dr. Stephen Henson authored Jul 11, 2014
```
Dual EC DRBG removal now accepted for 2.0.8 onwards.
```
  OpenSSL-fips-2_0_8
  
  7fb7844f
May 12, 2014
- Add linux-x86_64-cross target. · 005563bb
  Dr. Stephen Henson authored May 12, 2014
  
  OpenSSL-fips-2_0_7
  
  005563bb
- Revert "Remove Dual EC DRBG from FIPS module." · 3b43568d
  Dr. Stephen Henson authored May 12, 2014
```
Revert Dual EC DRBG removal commit as it was not accepted for 2.0.7
version of the module.

This reverts commit 200f249b.
```
  3b43568d
Dec 16, 2013
- QNX6-armv4 support. · 2659a2aa
  Dr. Stephen Henson authored Dec 16, 2013
  
  OpenSSL-fips-2_0_6
  
  2659a2aa
- Remove Dual EC DRBG from FIPS module. · 200f249b
  Dr. Stephen Henson authored Dec 09, 2013
  
  200f249b
- eCos ARMv4/5 support · 4089bd60
  Dr. Stephen Henson authored Dec 16, 2013
  
  OpenSSL-fips-2_0_5
  
  4089bd60
- sha1-armv4-large.pl: comply with ABI. · baab0cf7
  Andy Polyakov authored Aug 17, 2012
```
(cherry picked from commit 1a9d60d2)
```
  baab0cf7
- Don't require tag before ciphertext in AESGCM mode · 7e98d95f
  Dr. Stephen Henson authored Oct 16, 2012
```
(cherry picked from commit 964eaad7)
```
  7e98d95f
- Add MIPS support. · b0ee17ad
  Dr. Stephen Henson authored Dec 16, 2013
  
  OpenSSL-fips-2_0_4
  
  b0ee17ad
Apr 10, 2013
- Support for WinEC7. · 4f6c4c18
  Dr. Stephen Henson authored Apr 10, 2013
  
  OpenSSL-fips-2_0_3
  
  4f6c4c18
Oct 14, 2012
- Add BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.c · 2d183e4c
  Dr. Stephen Henson authored Oct 14, 2012
  
  OpenSSL-fips-2_0_2
  
  2d183e4c
Oct 04, 2012
- update CHANGES · 7049d13c
  Dr. Stephen Henson authored Oct 04, 2012
  
  OpenSSL-fips-2_0_1
  
  7049d13c
- Add support for Windows CE and C64+ to FIPS module. · c6162001
  Dr. Stephen Henson authored Oct 04, 2012
  
  c6162001
May 23, 2012
- file msincore was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000 · 7b899c10
  Dr. Stephen Henson authored May 23, 2012
  
  7b899c10
- file hmac_sha1.pl was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000 · 6b2e340b
  Dr. Stephen Henson authored May 23, 2012
  
  6b2e340b
Jan 18, 2012
- revert fipslink.pl unlink retry change · 1de6a622
  Dr. Stephen Henson authored Jan 18, 2012
  
  2 tags
  
  1de6a622
- give a hand old assemblers assembling loop instruction. (original by Andy) · ac381944
  Dr. Stephen Henson authored Jan 18, 2012
  
  ac381944
Jan 03, 2012
- typo · 24fadf2a
  Dr. Stephen Henson authored Jan 03, 2012
  
  OpenSSL-fips-2_0-rc8
  
  24fadf2a
- Prepare RC8 · 409abd2f
  Dr. Stephen Henson authored Jan 03, 2012
  
  409abd2f